CryptoDB
Generic Anamorphic Encryption, Revisited: New Limitations and Constructions
| Authors: |
|
|---|---|
| Download: | |
| Conference: | EUROCRYPT 2025 |
| Abstract: | The notion of Anamorphic Encryption (Persiano {\em et al.} Eurocrypt 2022) aims at establishing private communication against an adversary who can access secret decryption keys and influence the chosen messages. Persiano {\em et al.} gave a simple, black-box, rejection sampling-based technique to send anamorphic {\em bits} using any $ \indcpa $ secure scheme as underlying PKE. In this paper however we provide evidence that their solution is not as general as claimed: indeed there exists a (contrived yet secure) PKE which lead to insecure anamorphic instantiations. Actually, our result implies that such stateless black-box realizations of AE are impossible to achieve, unless weaker notions are targeted or extra assumptions are made on the PKE. Even worse, this holds true even if one resort to powerful non-black-box techniques, such as NIZKs, $ \iO $ or garbling. From a constructive perspective, we shed light on those required assumptions. Specifically, we show that one could bypass (to some extent) our impossibility by either considering a weaker (but meaningful) notion of AE or by assuming the underlying PKE to (always) produce high min-entropy ciphertexts. Finally, we prove that, for the case of {\em Fully-Asymmetric} AE, $ \iO $ {\em can} actually be used to overcome existing impossibility barriers. We show how to use $ \iO $ to build Fully-Asymmetric AE (with small anamorphic message space) generically from any $ \indcpa $ secure PKE with sufficiently high min-entropy ciphertexts. Put together our results provide a clearer picture of what black-box constructions can and cannot achieve. |
BibTeX
@inproceedings{eurocrypt-2025-34962,
title={Generic Anamorphic Encryption, Revisited: New Limitations and Constructions},
publisher={Springer-Verlag},
author={Dario Catalano and Emanuele Giunta and Francesco Migliaro},
year=2025
}